[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SMTI_Encrypt (SMTI_EncryptCryptoPP)


I am no expert on these encryption algorithms, I have to re-investigate the
code every time I look into this particular logic.  After looking at
SMTI_Encrypt(...) and SMTI_Decrypt(...), I notice that the MEK->Length() is
passed to the appropriate CRYPTO++ data class constructors.  The CBC key
length of 16 you mention is simply the buffer length for the primitive
operations (including the initialization vector length).  The decrypt
operations also specify this length. It would appear they should work fine
with 5 byte (40 bit) key lengths. 

We do directly support "pbeWithMD5AndDES_CBC" in
CSM_Free3::DecryptPrivateKey(...), but it uses the key length of 128 bytes.
I do not believe the code has been tested with smaller key lengths.  If you
discover problems, I will investigate further and attempt to test smaller
key lengths.

Bob Colestock

-----Original Message-----
From: eboudreault@xxxxxxxxx [mailto:eboudreault@xxxxxxxxx]
Sent: Thursday, June 21, 2001 10:43 AM
To: imc-sfl@xxxxxxx
Subject: SMTI_Encrypt (SMTI_EncryptCryptoPP)


I try to make an EncryptedData with pbewithSHAAnd40BitRC2_CBC and i've
notice that the function SMTI_EncryptCryptoPP accept only keys of 16 bytes
of length.

The thing that i don't understand is that we can decrypt an EncryptedData
with pbewithSHAAnd40BitRC2_CBC (key of 5 bytes of length).

Can you tel me if it'is an error ?????

What can i do to encrypt with a key of 5 bytes with RC2 in CSM_Free3 ???


Eric Boudreault
Motus Technologies
390, St-Vallier Est
Bureau 100
Québec, Qc
G1K 3P6
Tél.: 521-2100  ext.#242
Fax.: 521-2101
courriel: eboudreault@xxxxxxxxx